Personal Data Policy
The website, www.medicinalherbs.bio is published by Osteorama Int. Ltd's Company, hereinafter referred to as the “data controller”.
I – GENERAL INFORMATION
The data controller protects the privacy of its users by complying with the legislation in force. When consulting our site, information relating to the navigation of your device on our site, may be recorded by programmes, including files known as “cookies” installed on your device, subject to the choices you have expressed and that you can change at any time.
This section details how the controller uses your personal data and informs you of the measures taken to ensure the protection of your personal data in connection with the use of the site, in accordance with the provisions of the Data Protection Act of 6 January 1978 (amended August 6, 2004).
II – COLLECTION OF PERSONAL DATA
The controller may collect your personal data, through the "contact" or "my account" section or through a newsletter subscription. “Personal data" refers to personal information that you voluntarily provide by filling out a form on the site, or that the data controller collects when you browse on the website, which allows to identify you, directly or indirectly.
Personal data thus includes individual-related data (such as your name, contact details, photographs that you send) and electronic identification data available on or from your device (such as "cookies" or "IP addresses") . We specify that the electronic identification data can identify your terminal or pages viewed on the site and are generally insufficient to personally identify you. When you voluntarily provide personal data about yourself, especially when it comes to multimedia content (photographs, videos, etc.), you agree to provide accurate information that is not prejudicial to the interests or rights of third parties.
In accordance with Article 32 of the Data Protection Act of 6 January 1978, the information required to process orders is indicated by an asterisk on the site. The other requested information, for which the answer is optional, is intended to get to know you better and thus to improve the services offered to you.
III – PERSONAL DATA CONCERNED
Identity: title, surname, first name(s), delivery and billing addresses, post code, city, country, landline and/or mobile number, email addresses, date of birth, company, internal processing code allowing identification of the client, copy of identity (may be retained to prove right of access, rectification or opposition or to fulfill a legal obligation); Data relating to means of payment for fraud prevention: bank that issued the payment card, type of card, partial card number, cardholder, expiry date; such data does not allow us to retrace the card number of the client.
Transaction data: transaction number, data and amount of the transaction, details of the purchase.
Data relating to monitoring of business relationship: products purchased, quantity, amount, delivery and billing addresses, purchase history, return of products, correspondence with customer service, exchanges and feedback from customers and prospects.
Data necessary for completion of marketing actions such as the newsletter, customer loyalty, prospecting, research, sponsorship, surveys or commercial promotion.
Data relating to the organisation and handling of competitions and any promotions: participation date, answers given, type of offers given;
Data relating to clients who submit reviews on products, services or content, including his/her pseudonym.
IV - ELECTRONIC IDENTIFICATION DATA: COOKIES
On the occasion of the consultation of a website, a website editor, such as the controller, may be required to file a "cookie" on your device through your browser software. These cookies do not identify you but record information about the navigation of your device on our site (the pages you have viewed, date and time of use, language settings, connection period, etc.). During its validity or registration, this cookie will allow the controller to identify your device during your next visits, in order to facilitate your navigation and offer you a personalized browsing experience.
Partners or service providers of the data controller, or third-party companies, may also be required, subject to your choice, to place "third-party" cookies on your device. The duration of the storage of this information on your device by the controller is 13 months.
We draw your attention to the fact that sharing the use of your device with other people may change the personalised nature of the action of cookies.
Functionality cookies are essential to navigation, allowing you to use the main features of the site such as managing your basket or maintaining your identification, whilst the presentation of our website adapts to display your preferences on your device, to manage and securely access your personal space or secure your transactions. These cookies are essential to browsing our site, including putting an order through. Removing them can cause problems navigating on our site as well as being unable to place orders
They allow you to visit the site in a personalised way, according to your previous visits, purchases, etc. You can quickly find the offers that suit you best
These are the cookies used to present advertisements or to send you information adapted to your interests both on our site and when you browse on the Internet. They are used to limit the number of times you see an advertisement and help measure the effectiveness of an advertising campaign.
The refusal of these advertising cookies has no impact on the use of our site. However, refusing advertising cookies will not stop advertising on our site or on the Internet, it will only have the effect of displaying an advertisement that does not take into account your interests or your preferences.
These cookies are mainly third-party cookies submitted by partners or advertising agencies
Analytical cookies and audience measurement:
These are cookies that make it possible to better understand the use (for example, the pages most often consulted) and the performance of the site in order to improve its functioning. These cookies may be installed on your computer by the controller or by its providers and audience measurement partners. These cookies are not essential for browsing but make it easier to search, optimise the purchasing experience, better target customer expectations, improve offers, or optimise the operation of the Internet site
V – MANAGEMENT OF COOKIES
Settings for managing cookies
If you do not want the controller to deposit all or some cookies, you can tell us your preferences by clicking on the button below.
Internet browser settings
You may at any time choose to disable or change these cookies via the Help section of your browser toolbar.
Warning, it is possible that this configuration of your browser may prevent you from accessing certain content or disrupt your navigation and the services you expect from our site. If necessary, we do not accept any liability for the consequences related to the degraded behavior of our site resulting from the impossibility of using the cookies necessary for its operation. If your browser is configured to refuse all cookies, you will not be able to make purchases or take advantage of essential features of our site, such as storing items in your basket or receiving personalised recommendations.
In order to manage cookies as close as possible to your expectations, we invite you to set your browser settings taking into account the purpose of cookies as mentioned above. The settings of each browser is different. It is described in the help menu of your browser, which will allow you to personalise your cookie settings. It tells you how to refuse new cookies or get a message that tells you how they are received or how to disable cookies either systematically or according to their issuer. You can also delete cookies manually.
You can disable cookies by following the instructions as follows:
Internet Explorer™ : Link
Safari™ : Link
Chrome™ : Link
Firefox™ : Link
Opera™ : Link
To find out more about handling cookies, go to https://ico.org.uk/global/cookies/ and click ‘COOKIES MANAGEMENT’ top right
VI - USE OF PERSONAL DATA
The information you provide on the site allows the controller to:
Deal with your questions or requests for information
Send you the newsletter if you subscribe
Inform you about products, offers and events
Help you to benefit from competitions
Help you to participate in surveys, like satisfaction surveys
Send you, subject to your consent, advertising or commercial messages
Your data is subject to computer processing allowing the management of the customer relationship, including payment and order tracking, delivery, billing, management of your customer account and our loyalty programs and sponsorship, management complaints to the customer service, management of the opinions on the products, services or contents, as well as the management of the requests of right of access, rectification and opposition. They can also be used by the partner companies for the purposes of statistical studies, quality monitoring of our service and, subject to your prior agreement, commercial prospection.
The data collected on this site is intended for the exclusive use of the controller. We do not sell, trade, or transfer your personally identifiable information to third parties. This does not include trusted third parties who help us operate our website, as long as these parties agree to keep this information confidential.
The controller does not transmit your personal data to a third party unless:
the data controller has to share this information with its distributors, service providers and in particular its technical service providers to provide you with the service you have requested (for example sending the newsletter)
the controller receives the request from a judicial authority or from any administrative authority empowered by law to request the disclosure of such information in accordance with the applicable legislation
The data controller tries to ensure the confidentiality and security of the personal data collected during their transmission to the aforementioned persons.
VII – PROTECTION OF PERSONAL DATA
Only authorised personnel from the commercial, customer, logistics and IT departments (and their line managers) can access your personal data. The authorised staff of the subcontractors may also have access to it provided that the contract signed between the subcontractors and the controller mentions the obligations regarding the protection of the security and confidentiality of the data (Article 35 of the Law of 6 January 1978 as amended) and specifies in particular the safety objectives to be achieved.
We take every precaution to preserve the security of your data, in particular to prevent their disclosure to unauthorized third parties. As such, the controller puts all the necessary measures in place to secure its IT devices. In the event that your data is transferred to subcontractors (in particular for their hosting), the data controller shall ensure that they have a level of security that complies with the required standards and regulatory requirements.
Due to partial outsourcing of treatment, your data may be transferred outside the European Union. In this case, the controller shall ensure that the transfer complies with the legal framework: transfer to a country providing a sufficient level of protection, signature of contractual clauses issued by the European Commission or, for a service provider established in the United States, verification of its prior adherence to the “Privacy Shield” legal framework.
VII - EXERCISE YOUR RIGHTS: INFORMATION, OPPOSITION, ACCESS AND RECTIFICATION
You need to send an email to email@example.com a letter (with a copy of identity) to: OSTEORAMA - International Team - Personal Data Protection – 20- 22 WENLOCK ROAD N17GU LONDON UNITED KINGDOM
Modifying or deleting personal data will take place within a reasonable time period from the receipt of your request by our customer service.
The controller guarantees that your data can not be used for commercial purposes without your prior consent. In the event of a commercial solicitation, the controller guarantees you the right to oppose it later.
In accordance with the provisions of articles 38, 39 and 40 of the law of 6 January 1978 relating to computing, files and freedoms, you have the right to access, rectify and delete your data, as well as a right to oppose their treatment.
To do this, you must send an email to firstname.lastname@example.org or a letter (with a copy of your identity) to: OSTEORAMA - International Team - Personal Data Protection – 20- 22 WENLOCK ROAD N17GU LONDON UNITED KINGDOM
Modifying or deleting personal data will take place within a reasonable time period from the receipt of your request by our customer service.
If you have expressed your refusal to receive the newsletter, you can then continue to make new orders on the site with the same identifiers, without receiving newsletters, unless you have requested.
By logging into your account, you can also modify, correct and update all the information contained in your account under "my account information".
IX - PERSONAL DATA RETENTION
Customer’s personal data is not kept beyond the time strictly necessary for the management of the commercial relation.
However, data enabling the establishment of proof of a right or a contract, or kept in compliance with a legal obligation, may be the subject of an intermediate archiving policy for a period that does not exceed the necessary for the purposes for which they are retained, in accordance with the provisions in force (in particular but not exclusively those provided by the Commercial Code, the Civil Code and the Consumer Code).
Customer data used for business purposes may be retained for a period of three years from the end of the business relationship (last purchase or last contact from the customer). Personal data relating to a non-client prospect may be retained for a period of three years from collection of data or the most recent contact from the prospect (for example, a request for documentation or clicking on a hypertext link contained in an email).
At the end of this three-year period, the data controller will be able to contact the data subject to find out whether he/she wishes to continue receiving commercial solicitations. In the absence of a positive and explicit response from the client, the data will be deleted or archived in accordance with the provisions in force, and in particular those provided by the Commercial Code, the Civil Code and the Consumer Code.
In case of exercise of the right of access or rectification, the data relating to identity documents may be kept for the period provided for in Article 9 of the Code of Criminal Procedure (one year).
In case of exercise of the right of opposition, these data may be archived during the limitation period provided for in Article 8 of the Code of Criminal Procedure (i.e. three years).
The data relating to bank cards are deleted once the transaction is completed, as soon as payment is successful.
In the case of payment by card, the card number and the expiry date can be conserved for proof, in case of dispute of the transaction, in intermediary archives, for the duration provided for by Article L. 133-24 of the Monetary and Financial Code, in this case thirteen months following the debit date. These data will be used only in case of dispute of the transaction. The data kept for this purpose are the subject of security measures, as described in article 8 of this standard and in article 5 of resolution 2013-358 of 14th November 2013 referred to above.
In order to facilitate the payment of regular customers, the data relating to bank cards can be kept longer, subject to obtaining the customer’s consent, previously informed of the aim pursued. The retention period can not then exceed the time necessary to fulfill the purpose for which the processing is to be carried out. The data relating to the security code are not to be kept beyond the time necessary to complete each transaction, including in case of successive payments or retention of the card number for subsequent purchases.
When the expiry date of the bank card is reached, the related data must be deleted.
Regarding the audience measurement statistics, the information stored in the user terminal (cookies), or any other method used to identify or trace, is not kept for more than 13 months.
X - INFORMATION
If you have any questions or comments regarding the Personal Data Policy or how the data controller proceeds to the collection and use of your personal data, you can send an email to the following address: email@example.com
If, despite all our efforts, you feel that your rights have not been respected, know that you have the opportunity to seize the ICO and take a look at your rights: https://ico.org.uk/your-data-matters/
You can request your personal data by filling this form.